package com.example.modules.controller;

import apijson.RequestMethod;
import apijson.framework.APIJSONController;
import apijson.orm.Parser;
import com.example.verify.pojo.SecureUserToken;
import io.swagger.annotations.Api;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpSession;
import java.util.Collection;

/**
 * @author liuju
 */
@RestController
@RequestMapping("/crud")
@Api(tags = {"简单请求统一处理"})
public class UnifiedController extends APIJSONController<String> {

    @Override
    public Parser<String> newParser(HttpSession session, RequestMethod method) {
        return super.newParser(session, method);
    }

    /**获取
     * @param request 只用String，避免encode后未decode
     * @param session
     * @return
     * @see {@link RequestMethod#GET}
     */
    @PostMapping(value = "get")
    @Override
    public String get(@RequestBody String request, HttpSession session) {
        return super.get(request, session);
    }

    /**计数
     * @param request 只用String，避免encode后未decode
     * @param session
     * @return
     * @see {@link RequestMethod#HEAD}
     */
    @PostMapping("head")
    @Override
    public String head(@RequestBody String request, HttpSession session) {
        return super.head(request, session);
    }

    /**限制性GET，request和response都非明文，浏览器看不到，用于对安全性要求高的GET请求
     * @param request 只用String，避免encode后未decode
     * @param session
     * @return
     * @see {@link RequestMethod#GETS}
     */
    @PostMapping("gets")
    @Override
    @PreAuthorize("hasAuthority('sys:power:info')")
    public String gets(@RequestBody String request, HttpSession session) {
        return super.gets(request, session);
    }

    /**限制性HEAD，request和response都非明文，浏览器看不到，用于对安全性要求高的HEAD请求
     * @param request 只用String，避免encode后未decode
     * @param session
     * @return
     * @see {@link RequestMethod#HEADS}
     */
    @PostMapping("heads")
    @Override
    @PreAuthorize("hasAuthority('sys:power:info')")
    public String heads(@RequestBody String request, HttpSession session) {
        return super.heads(request, session);
    }

    /**新增
     * @param request 只用String，避免encode后未decode
     * @param session
     * @return
     * @see {@link RequestMethod#POST}
     */
    @PostMapping("post")
    @Override
    @PreAuthorize("hasAuthority('sys:power:save')")
    public String post(@RequestBody String request, HttpSession session) {
        return super.post(request, session);
    }

    /**修改
     * @param request 只用String，避免encode后未decode
     * @param session
     * @return
     * @see {@link RequestMethod#PUT}
     */
    @PostMapping("put")
    @Override
    @PreAuthorize("hasAuthority('sys:power:edit')")
    public String put(@RequestBody String request, HttpSession session) {return super.put(request, session);}

    /**删除
     * @param request 只用String，避免encode后未decode
     * @param session
     * @return
     * @see {@link RequestMethod#DELETE}
     */
    @PostMapping("delete")
    @Override
    @PreAuthorize("hasAuthority('sys:power:remove')")
    public String delete(@RequestBody String request, HttpSession session) {
        return super.delete(request, session);
    }



    //通用接口，非事务型操作 和 简单事务型操作 都可通过这些接口自动化实现>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

    @GetMapping("test")
    public String test(){
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        SecureUserToken secureUserToken=(SecureUserToken) principal;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        System.out.println(authentication);
        return "ok";
    }
}
